Re: svn commit: r1792169 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/httpd.h modules/generators/mod_status.c modules/proxy/mod_proxy.c server/config.c server/util.c
The rewrite case was failing in the test suite. I removed both checks in r1792169. On Mon, May 8, 2017 at 8:04 PM, Eric Covenerwrote: > On Thu, Apr 27, 2017 at 1:51 PM, Eric Covener wrote: >> On Fri, Apr 21, 2017 at 4:44 AM, wrote: >>> +/* A request that has passed through .htaccess has no business >>> + * landing up here. >>> + */ >>> +if (ap_request_tainted(r, AP_TAINT_HTACCESS)) { >>> +return DECLINED; >>> +} >>> + >> >> If AllowOverride is enabled for the document root an d an htaccess is >> present, this renders /server-status unreachable, regardless of >> what's in the htaccess. If we're going to block this by default, we >> might as well just stop configuring it with SetHandler and then the >> taint checking is not needed. >> >> We also have in another thread the issue with RewriteRule ... [P] in >> htaccess being blocked. We need some kind of way to express a policy >> that will be unique to different handlers. > > bump? Right now the only two protected handlers are blocking pretty > routine configurations. -- Eric Covener cove...@gmail.com
Re: New warning with gcc 7.1
On 05/26/2017 11:29 AM, Christophe JAILLET wrote: > Hi, > > when compiling with gcc 7.1, we have the following warning (in French): > > util_expr_eval.c: Dans la fonction « ap_expr_eval_re_backref »: > util_expr_eval.c:199:63: warning: comparaison entre un pointeur et la > constante caractère zéro [-Wpointer-compare] > if (!ctx->re_pmatch || !ctx->re_source || *ctx->re_source == '\0' || >^~ > util_expr_eval.c:199:47: note: vouliez-vous déréférencer le pointeur ? > if (!ctx->re_pmatch || !ctx->re_source || *ctx->re_source == '\0' || >^ > > (i.e. comparison between a pointer and 0) > > > Knowing that we have: > > typedef struct { > ... > /** the string corresponding to the re_pmatch */ > const char **re_source; > ... > } ap_expr_eval_ctx_t; > > > Should the test in 'ap_expr_eval_re_backref' be something like: > > if (!ctx->re_pmatch || !ctx->re_source || !*ctx->re_source || > **ctx->re_source == '\0' || ctx->re_nmatch < n + 1) Looks sane to me as from a brief view it looks sane to me to assume that ctx->re_source is always != NULL at least if ctx->re_pmatch != 0 Regards Rüdiger
New warning with gcc 7.1
Hi, when compiling with gcc 7.1, we have the following warning (in French): util_expr_eval.c: Dans la fonction « ap_expr_eval_re_backref »: util_expr_eval.c:199:63: warning: comparaison entre un pointeur et la constante caractère zéro [-Wpointer-compare] if (!ctx->re_pmatch || !ctx->re_source || *ctx->re_source == '\0' || ^~ util_expr_eval.c:199:47: note: vouliez-vous déréférencer le pointeur ? if (!ctx->re_pmatch || !ctx->re_source || *ctx->re_source == '\0' || ^ (i.e. comparison between a pointer and 0) Knowing that we have: typedef struct { ... /** the string corresponding to the re_pmatch */ const char **re_source; ... } ap_expr_eval_ctx_t; Should the test in 'ap_expr_eval_re_backref' be something like: if (!ctx->re_pmatch || !ctx->re_source || !*ctx->re_source || **ctx->re_source == '\0' || ctx->re_nmatch < n + 1) Best regards, CJ